Web Programming, Linux System Administation, and Entrepreneurship in Athens Georgia

Disabling HTTP TRACE

The HTTP TRACE Method is a debugging tool in Apache that just echo’s back what was sent to it. Attackers could potentially use this to trick a browser into revealing cookies or other request details from the domain with HTTP TRACE enabled. See http://www.apacheweek.com/issues/03-01-24#news for more info